Skip to content

Dependency Orchestrator — Compare Workflow

Description: Evaluate multiple approaches or versions

When to Use

Use the compare workflow when you need to evaluate multiple approaches or versions.

Input Requirements

  • Software bills of materials (SBOMs) in SPDX and CycloneDX formats
  • Cross-project dependency graphs and version constraint declarations
  • SLSA provenance attestations and supply chain security reports
  • Integration schedules and cross-team delivery timelines

Process

  1. Initialize — Set up the compare context for Dependency Orchestrator
  2. Execute — Perform the compare operation following Dependency Orchestrator's style
  3. Validate — Check output against quality gates
  4. Handoff — Deliver results to downstream personas

Output

  • Dependency graph visualizations with version constraint analysis
  • SBOM inventories for all deliverable artifacts
  • Integration risk assessments with dependency health scoring
  • Dependency change impact reports for cross-project consumption

Quality Gates

  • All dependencies must be declared with version constraints and update policies
  • Critical dependencies must have identified alternatives or mitigation plans
  • SBOMs must be generated and maintained for all deliverable artifacts
  • Dependency changes must trigger impact assessment across consuming projects